Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example
|
|
- Oswin McDowell
- 6 years ago
- Views:
Transcription
1 Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example Document ID: Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Configure Passwords on the Line Troubleshoot Login Failure Configure Local User Specific Passwords Troubleshoot User specific Password Failure Configure AUX Line Password Verify Configuration Configure AAA Authentication for Login Troubleshoot AAA Login Failure Related Information Introduction This document provides sample configurations for configuring password protection for inbound EXEC connections to the router. Prerequisites Requirements In order to perform the tasks described in this document, you must have privileged EXEC access to the router's command line interface (CLI). For information on using the command line and for understanding command modes, see Using Cisco IOS Software. For instructions on connecting a console to your router, refer to the documentation that accompanied your router, or refer to the online documentation for your equipment. Components Used The information in this document is based on these software and hardware versions: Cisco 2509 router
2 Cisco IOS Software Version 12.2(19) The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command. Conventions For more information on document conventions, refer to the Cisco Technical Tips Conventions. Background Information The use of password protection to control or restrict access to the command line interface (CLI) of your router is one of the fundamental elements of an overall security plan. Protecting the router from unauthorized remote access, typically Telnet, is the most common security that needs configuring, but protecting the router from unauthorized local access cannot be overlooked. Note: Password protection is just one of the many steps you should use in an effective in depth network security regimen. Firewalls, access lists, and control of physical access to the equipment are other elements that must be considered when implementing your security plan. Command line, or EXEC, access to a router can be made in a number of ways, but in all cases the inbound connection to the router is made on a TTY line. There are four main types of TTY lines, as seen in this sample show line output: 2509#show line Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int * 0 CTY 0 0 0/0 1 TTY 9600/ /0 2 TTY 9600/ /0 3 TTY 9600/ /0 4 TTY 9600/ /0 5 TTY 9600/ /0 6 TTY 9600/ /0 7 TTY 9600/ /0 8 TTY 9600/ /0 9 AUX 9600/ /0 10 VTY 0 0 0/0 11 VTY 0 0 0/0 12 VTY 0 0 0/0 13 VTY 0 0 0/0 14 VTY 0 0 0/0 2509# The CTY line type is the Console Port. On any router, it appears in the router configuration as line con 0 and in the output of the show line command as cty. The console port is mainly used for local system access using a console terminal. The TTY lines are asynchronous lines used for inbound or outbound modem and terminal connections and can be seen in a router or access server configuration as line x. The specific line numbers are a function of the hardware built into or installed on the router or access server. The AUX line is the Auxiliary port, seen in the configuration as.
3 The VTY lines are the Virtual Terminal lines of the router, used solely to control inbound Telnet connections. They are virtual, in the sense that they are a function of software there is no hardware associated with them. They appear in the configuration as line vty 0 4. Each of these types of lines can be configured with password protection. Lines can be configured to use one password for all users, or for user specific passwords. User specific passwords can be configured locally on the router, or you can use an authentication server to provide authentication. There is no prohibition against configuring different lines with different types of password protection. It is, in fact, common to see routers with a single password for the console and user specific passwords for other inbound connections. Below is an example of router output from the show running config command: 2509#show running config Current configuration : 655 bytes version Configuration edited for brevity line con 0 line 1 8 line vty 0 4 Configure Passwords on the Line To specify a password on a line, use the password command in line configuration mode. To enable password checking at login, use the login command in line configuration mode. Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only). In this example, a password is configured for all users attempting to use the console. 1. From the privileged EXEC (or "enable") prompt, enter configuration mode and then switch to line configuration mode using the following commands. Notice that the prompt changes to reflect the current mode. router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. router(config)#line con 0 router(config line)# 2. Configure the password, and enable password checking at login. router(config line)#password letmein router(config line)#login
4 3. Exit configuration mode. router(config line)# router# %SYS 5 CONFIG_I: Configured from console by console Note: Do not save configuration changes to line con 0 until your ability to log in has been verified. Note: Under the line console configuration, login is a required configuration command to enable password checking at login. Console authentication requires both the password and the login commands to work. Examine the configuration of the router to verify that the commands have been properly entered: Certain show commands are supported by the Output Interpreter Tool (registered customers only), which allows you to view an analysis of show command output. show running config displays the current configuration of the router. router#show running config... Lines omitted for brevity line con 0 password letmein login line 1 8 line vty 0 4 To test the configuration, log off the console and log in again, using the configured password to access the router: router#exit router con0 is now available Press RETURN to get started. User Access Verification Password: Password entered here is not displayed by the router router> Note: Before performing this test, ensure that you have an alternate connection into the router, such as Telnet or dial in, in case there is a problem logging back into the router.
5 Troubleshoot Login Failure If you cannot log back into the router and you have not saved the configuration, reloading the router will eliminate any configuration changes you have made. If the configuration changes were saved and you cannot login to the router, you will have to perform a password recovery. See Password Recovery Procedures to find instructions for your particular platform. Configure Local User Specific Passwords To establish a username based authentication system, use the username command in global configuration mode. To enable password checking at login, use the login local command in line configuration mode. In this example, passwords are configured for users attempting to connect to the router on the VTY lines using Telnet. 1. From the privileged EXEC (or "enable") prompt, enter configuration mode and enter username/password combinations, one for each user for whom you want to allow access to the router: router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. router(config)# username russ password montecito router(config)# username cindy password belgium router(config)# username mike password rottweiler 2. Switch to line configuration mode, using the following commands. Notice that the prompt changes to reflect the current mode. 3. router(config)#line vty 0 4 router(config line)# Configure password checking at login. router(config line)#login local 4. Exit configuration mode. router(config line)# router# %SYS 5 CONFIG_I: Configured from console by console Note: In order to disable auto Telnet when you type a name on the CLI, configure no logging preferred on the line that is used. While transport preferred none provides the same output, it also disables auto Telnet for the defined host that are configured with the ip host command. This is unlike the no logging preferred command, which stops it for undefined hosts and lets it work for the defined ones. Examine the configuration of the router to verify that the commands have been properly entered: show running config displays the current configuration of the router. router#show running config
6 Lines omitted for brevity username russ password 0 montecito username cindy password 0 belgium username mike password 0 rottweiler Lines omitted for brevity line con 0 line 1 8 line vty 0 4 login local To test this configuration, a Telnet connection must be made to the router. This can be done by connecting from a different host on the network, but you can also test from the router itself by telnetting to the IP address of any interface on the router that is in an up/up state as seen in the output of the show interfaces command. Here is a sample output if the address of interface ethernet 0 were : router#telnet Trying Open User Access Verification Username: mike Password: Password entered here is not displayed by the router router Troubleshoot User specific Password Failure Usernames and passwords are case sensitive. Users attempting to log in with an incorrectly cased username or password will be rejected. If users are unable to log into the router with their specific passwords, reconfigure the username and password on the router. Configure AUX Line Password In order to specify a password on the AUX line, issue the password command in line configuration mode. In order to enable password checking at login, issue the login command in line configuration mode.
7 In this example, a password is configured for all users attempting to use the AUX port. 1. Issue the show line command in order to verify the line used by the AUX port. R1#show line Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int * 0 CTY 0 0 0/0 65 AUX 9600/ /0 66 VTY 0 0 0/0 67 VTY 0 0 0/0 2. In this example, the AUX port is on line 65. Issue these commands in order to configure the router AUX line: Verify Configuration R1# conf t R1(config)# line 65 R1(config line)#modem inout R1(config line)#speed R1(config line)#transport input all R1(config line)#flowcontrol hardware R1(config line)#login R1(config line)#password cisco R1(config line)# R1# Examine the configuration of the router in order to verify that the commands have been properly entered: The show running config command displays the current configuration of the router: R1#show running config Lines omitted for brevity. password cisco login modem InOut transport input all speed flowcontrol hardware Lines omitted for brevity. Configure AAA Authentication for Login To enable authentication, authorization, and accounting (AAA) authentication for logins, use the login authentication command in line configuration mode. AAA services must also be configured.
8 In this example, the router is configured to retrieve users' passwords from a TACACS+ server when users attempt to connect to the router. Note: Configuring the router to use other types of AAA servers (RADIUS, for example) is similar. See Configuring Authentication for additional information. Note: This document does not address configuration of the AAA server itself. Refer to Security Server Protocols for information on configuring the AAA server. 1. From the privileged EXEC (or "enable") prompt, enter configuration mode and enter the commands to configure the router to use AAA services for authentication: configure router# terminal Enter configuration commands, one per line. End with CNTL/Z. router(config)#aaa new model router(config)#aaa authentication login my auth list tacacs+ router(config)#tacacs server host router(config)#tacacs server key letmein 2. Switch to line configuration mode using the following commands. Notice that the prompt changes to reflect the current mode. 3. router(config)#line 1 8 router(config line)# Configure password checking at login. router(config line)#login authentication my auth list 4. Exit configuration mode. router(config line)# router# %SYS 5 CONFIG_I: Configured from console by console Examine the configuration of the router to verify that the commands have been properly entered: show running config displays the current configuration of the router. router#write terminal Current configuration: version 12.0 service timestamps debug uptime service timestamps log uptime no service password encryption hostname router aaa new model aaa authentication login my auth list tacacs+ Lines omitted for brevity
9 ... tacacs server host tacacs server key letmein line con 0 line 1 8 login authentication my auth list line vty 0 4 To test this particular configuration, an inbound or outbound connection must be made to the line. See the Modem Router Connection Guide for specific information on configuring async lines for modem connections. Alternately, you can configure one or more VTY lines to perform AAA authentication and perform your testing thereupon. Troubleshoot AAA Login Failure Before issuing debug commands, see Important Information on Debug Commands. To troubleshoot a failed login attempt, use the debug command appropriate to your configuration: debug aaa authentication debug radius debug kerberos Related Information Configuring Authentication Cisco IOS Debug Command Reference Technical Support Cisco Systems Contacts & Feedback Help Site Map Cisco Systems, Inc. All rights reserved. Terms & Conditions Privacy Statement Cookie Policy Trademarks of Cisco Systems, Inc. Updated: Jul 13, 2012 Document ID: 45843
Console Port, Telnet, and SSH Handling
This chapter contains the following sections: Restrictions and Notes for Console Port, Telnet, and SSH, page 1 Console Port Overview, page 1 Console Port Handling Overview, page 1 Telnet and SSH Overview,
More informationConsole Port, Telnet, SSH Handling, and Reset
This chapter contains the following sections: Restrictions and Notes for Console Port, Telnet, and SSH, page 1 Console Port Overview, page 1 Console Port Handling Overview, page 1 Telnet and SSH Overview,
More informationConfiguring a Modem on the AUX Port for EXEC Dialin Connectivity
Configuring a Modem on the AUX Port for EXEC Dialin Connectivity Document ID: 10318 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Configure a Modem
More informationConfiguring a Terminal/Comm Server
Configuring a Terminal/Comm Server Document ID: 5466 Introduction Prerequisites Requirements Components Used Conventions Cabling Design Strategy Configure Network Diagram Configurations Command Summary
More informationCisco - Connecting Routers Back-to-Back Through the AUX Ports using a Rollover Cable
1 of 5 6/12/2001 1:43 PM Connecting Routers Back-to-Back Through the AUX Ports using a Rollover Cable Contents Introduction Conventions Network Diagram Configurations Troubleshooting the Configuration
More informationAccess Service Security
CHAPTER 4 Access Service Security The access service security paradigm presented in this guide uses the authentication, authorization, and accounting (AAA) facility: Authentication requires dial-in users
More informationPolicy Based Routing with the Multiple Tracking Options Feature Configuration Example
Policy Based Routing with the Multiple Tracking Options Feature Configuration Example Document ID: 48003 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram
More informationLab 7 Configuring Basic Router Settings with IOS CLI
Lab 7 Configuring Basic Router Settings with IOS CLI Objectives Part 1: Set Up the Topology and Initialize Devices Cable equipment to match the network topology. Initialize and restart the router and switch.
More informationPT Activity: Configure AAA Authentication on Cisco Routers
PT Activity: Configure AAA Authentication on Cisco Routers Instructor Version Topology Diagram Addressing Table Device Interface IP Address Subnet Mask R1 Fa0/0 192.168.1.1 255.255.255.0 S0/0/0 10.1.1.2
More informationThis document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and
This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors in the CCNA Exploration:
More informationConfiguring Basic AAA on an Access Server
Configuring Basic AAA on an Access Server Document ID: 10384 Contents Introduction Before You Begin Conventions Prerequisites Components Used Network Diagram General AAA Configuration Enabling AAA Specifying
More informationPassword Recovery Procedure for the Cisco 801, 802, 803, 804, 805, 811, and 813 Series Routers
Password Recovery Procedure for the Cisco 801, 802, 803, 804, 805, 811, and 813 Series Routers Document ID: 12732 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions
More informationUse NAT to Hide the Real IP Address of CTC to Establish a Session with ONS 15454
Use NAT to Hide the Real IP Address of CTC to Establish a Session with ONS 15454 Document ID: 65122 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Topology
More informationChapter 12. AAA. Upon completion of this chapter, you will be able to perform the following tasks:
Chapter 12. AAA 15-1 Objectives Upon completion of this chapter, you will be able to perform the following tasks: Describe CiscoSecure features and operations Configure a router with AAA commands Use a
More information4(b): Assign the IP address on the Serial interface of Router. Console Cable
Lab#4 Router Basic IOS 4(a). Router Basic Commands & Configuration 4(b) Assign the IP address on the Serial interface of Router Console Cable R1 PC1 Objectives Be familiar with use of different Configuration
More informationLab AAA Authorization and Accounting
Lab 11.3.2 AAA Authorization and Accounting Objective Scenario Step 1 In this lab, the student will use the exec-timeout command to control the amount of time before an idle telnet or console session is
More informationConfiguring Secure Shell
Configuring Secure Shell Last Updated: October 24, 2011 The Secure Shell (SSH) feature is an application and a protocol that provides a secure replacement to the Berkeley r-tools. The protocol secures
More informationHow to Configure a Cisco Router Behind a Non-Cisco Cable Modem
How to Configure a Cisco Router Behind a Non-Cisco Cable Modem Document ID: 19268 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify
More informationLab Configuring Basic RIPv2 (Solution)
(Solution) Topology 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 15 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway
More informationPractice Dynagen. Winpcap 4.0. RPMs for are now available in the download section. Thanks to Sean Walberg for performing the packaging.
Dynagen What is the Dynagen? Dynagen is a front end dfor use with the Dynamips Cisco router emulator. It uses an INI like configuration file to provision Dynamips emulator networks. It takes care of specifying
More informationAccess Server Dial In IP/PPP Configuration With Dedicated V.120 PPP
Access Server Dial In IP/PPP Configuration With Dedicated V.120 PPP Document ID: 6306 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information How V.120 Affects
More informationImplementing Authentication Proxy
Implementing Authentication Proxy Document ID: 17778 Contents Introduction Prerequisites Requirements Components Used Conventions How to Implement Authentication Proxy Server Profiles Cisco Secure UNIX
More informationConfiguring PPP Dialin with External Modems
Configuring PPP Dialin with External Modems Document ID: 9581 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Configure Network Diagram Configurations Verify
More informationExamples of Cisco APE Scenarios
CHAPTER 5 This chapter describes three example scenarios with which to use Cisco APE: Access to Asynchronous Lines, page 5-1 Cisco IOS Shell, page 5-3 Command Authorization, page 5-5 Note For intructions
More informationLab Using the CLI to Gather Network Device Information Topology
Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.1.1 255.255.255.0 N/A Lo0 209.165.200.225 255.255.255.224 N/A S1 VLAN 1 192.168.1.11 255.255.255.0
More informationConfiguring Local Authentication
This chapter describes local authentication. This chapter also describes procedures to configure local authentication and privilege levels. This chapter includes the following topics: Understanding Authentication,
More informationLab - Examining Telnet and SSH in Wireshark
Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.1.1 255.255.255.0 N/A PC-A NIC 192.168.1.3 255.255.255.0 192.168.1.1 Part 1: Configure the Devices
More informationConfigure IOS-XE to display full show running-config for users with low Privilege Levels
Configure IOS-XE to display full show running-config for users with low Privilege Levels Contents Introduction Prerequisites Requirements Components Used Configuration Problem Configuration Solution and
More informationSecure Shell Configuration Guide, Cisco IOS Release 15M&T
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More informationConfigure a Cisco Router with TACACS+ Authentication
Configure a Cisco Router with TACACS+ Authentication Document ID: 13865 Contents Introduction Prerequisites Requirements Components Used Conventions Authentication Add Authorization Add Accounting Test
More informationord Recovery Procedure for the Cisco Catalyst 8510 Multiserv
ord Recovery Procedure for the Cisco Catalyst 8510 Multiserv Table of Contents Password Recovery Procedure for the Cisco Catalyst 8510 Multiservice Switch Router...1 Introduction...1 Before You Begin...1
More informationPassword Recovery Procedure for the Cisco 3600 and 3800 Series Routers
Password Recovery Procedure for the Cisco 3600 and 3800 Series Routers Document ID: 22189 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Step by Step Procedure
More informationConfiguring Transparent and Proxy Media Redirection Using ACNS Software 4.x
Configuring Transparent and Proxy Media Redirection Using ACNS Software 4.x Document ID: 4717 Contents Introduction Before You Begin Conventions Prerequisites Requirements Components Used Configure Network
More informationLab Advanced Telnet Operations Instructor Version 2500
Lab 4.2.4 Advanced Telnet Operations Instructor Version 2500 Objective Use the telnet command to remotely access other routers. Verify that the application layer between the source and the destination
More informationPacket Tracer - Configuring Initial Switch Settings
Topology Objectives Part 1: Verify the Default Switch Configuration Part 2: Configure a Basic Switch Configuration Part 3: Configure a MOTD Banner Part 4: Save Configuration Files to NVRAM Part 5: Configure
More informationTELECOMMUNICATION MANAGEMENT AND NETWORKS
QUAID-E-AWAM UNIVERSITY OF ENGINEERING SCIENCE AND TECHNOLOGY, NAWABSHAH TELECOMMUNICATION MANAGEMENT AND NETWORKS LAB # 3 CONFIGURING INTERFACES OF ROUTER AND SWITCH Topology Diagram Addressing Table
More informationConfiguring TACACS+ Finding Feature Information. Prerequisites for TACACS+
Finding Feature Information, page 1 Prerequisites for TACACS+, page 1 Information About TACACS+, page 3 How to Configure TACACS+, page 7 Monitoring TACACS+, page 16 Finding Feature Information Your software
More informationKIM DONNERBORG / RTS. Cisco Lab Øvelse Af Kim Donnerborg / RTS. Side 0 af 8
KIM DONNERBORG / RTS Side 0 af 8 INDHOLDSFORTEGNELSE Lab: Basic Router Configuration... 2 Topology Diagram... 2 Addressing Table... 2 Learning Objectives... 2 Scenario... 2 Task 1: Cable the Network....
More informationcable modem dhcp proxy nat on Cisco Cable Modems
cable modem dhcp proxy nat on Cisco Cable Modems Document ID: 12176 Contents Introduction Prerequisites Requirements Components Used Conventions Dynamic NAT Versus Static NAT Configuration Using cable
More informationWhat is EXEC timeout
EXEC Timeout What is EXEC timeout To allow access to your Cisco devices you can configure a number of lines. Examples of these lines are the console port (line con 0), virtual ports for remote access (vty
More informationTELECOMMUNICATION MANAGEMENT AND NETWORKS
QUAID-E-AWAM UNIVERSITY OF ENGINEERING SCIENCE AND TECHNOLOGY, NAWABSHAH TELECOMMUNICATION MANAGEMENT AND NETWORKS LAB # 2 BASIC CISCO ROUTER CONFIGURATION 1 INTRODUCTION Cisco router is a device that
More informationConfiguring Switch-Based Authentication
CHAPTER 7 This chapter describes how to configure switch-based authentication on the switch. Unless otherwise noted, the term switch refers to a standalone switch and to a switch stack. This chapter consists
More informationConsole Port, Telnet, and SSH Handling
Console Port Overview, on page 1 Connecting Console Cables, on page 1 Installing USB Device Drivers, on page 1 Console Port Handling Overview, on page 2 Telnet and SSH Overview, on page 2 Persistent Telnet,
More informationITdumpsFree. Get free valid exam dumps and pass your exam test with confidence
ITdumpsFree http://www.itdumpsfree.com Get free valid exam dumps and pass your exam test with confidence Exam : 640-554 Title : Implementing Cisco IOS Network Security (IINS v2.0) Vendor : Cisco Version
More informationLab Catalyst 2950T and 3550 Series Basic Setup
Lab 1.2.9.1 Catalyst 2950T and 3550 Series Basic Setup Objective Configure a Cisco Catalyst 2950T or 3550 series Ethernet switch for the first time using the command-line interface (CLI) mode. Basic first
More informationLab Designing and Implementing a VLSM Addressing Scheme. Topology. Objectives. Background / Scenario
CSNB214 Packet Tracer Lab Designing and Implementing a VLSM Addressing Scheme Topology Objectives Part 1: Examine Network Requirements Part 2: Design the VLSM Address Scheme Part 3: Cable and Configure
More informationConfiguring IDS TCP Reset Using VMS IDS MC
Configuring IDS TCP Reset Using VMS IDS MC Document ID: 47560 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Initial Sensor Configuration
More informationFirst-Time Configuration
This chapter describes the actions to take before turning on your router for the first time Setup Mode, on page 1 Verifying the Cisco IOS Software Version, on page 4 Configuring the Hostname and Password,
More informationCisco IOS Firewall Authentication Proxy
Cisco IOS Firewall Authentication Proxy This feature module describes the Cisco IOS Firewall Authentication Proxy feature. It includes information on the benefits of the feature, supported platforms, configuration
More informationLock and Key: Dynamic Access Lists
Lock and Key: Dynamic Access Lists Document ID: 7604 Contents Introduction Prerequisites Requirements Components Used Conventions Spoofing Considerations Performance When to Use Lock and Key Access Lock
More informationConfiguring Authorization
Configuring Authorization AAA authorization enables you to limit the services available to a user. When AAA authorization is enabled, the network access server uses information retrieved from the user
More informationSLIP and PPP Configuration Commands
CHAPTER 15 SLIP and PPP Configuration Commands SLIP and PPP define methods of sending Internet Protocol (IP) packets over standard EIA/TIA-232 asynchronous serial lines with minimum line speeds of 1200
More informationContext Based Access Control (CBAC): Introduction and Configuration
Context Based Access Control (CBAC): Introduction and Configuration Document ID: 13814 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information What Traffic Do
More informationLab 1. CLI Navigation. Scenario. Initial Configuration for R1
Lab 1 CLI Navigation This lab covers the most basic skills for accessing and using the command-line interface (CLI) on a Cisco router or switch. Many of the small, picky details of how the CLI works cannot
More informationTACACS+ on an Aironet Access Point for Login Authentication Configuration Example
TACACS+ on an Aironet Access Point for Login Authentication Configuration Example Document ID: 70149 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram
More informationConfiguring Secure Shell on Routers and Switches Running Cisco IOS
Configuring Secure Shell on Routers and Switches Running Cisco IOS Document ID: 4145 Contents Introduction Prerequisites Requirements Components Used Conventions SSH v1 vs. SSH v2 Network Diagram Test
More informationLab Establishing and Verifying a Telnet Connection Instructor Version 2500
Lab 4.2.2 Establishing and Verifying a Telnet Connection Instructor Version 2500 Objective Establish a Telnet connection to a remote router. Verify that the application layer between source and destination
More informationLab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationVPN Connection through Zone based Firewall Router Configuration Example
VPN Connection through Zone based Firewall Router Configuration Example Document ID: 112051 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Configure
More informationPassword Recovery Procedure for the Cisco 1900 Series Integrated Services Routers
Password Recovery Procedure for the Cisco 1900 Series Integrated Services Routers Document ID: 112058 Contents Introduction Prerequisites Requirements Components Used Related Products Conventions Step
More informationLab - Configuring IPv6 Addresses on Network Devices
Topology Addressing Table Device Interface IPv6 Address Prefix Length Default Gateway Objectives R1 G0/0 2001:DB8:ACAD:A::1 64 N/A G0/1 2001:DB8:ACAD:1::1 64 N/A S1 VLAN 1 2001:DB8:ACAD:1::B 64 N/A PC-A
More informationLab Configuring Per-Interface Inter-VLAN Routing (Solution)
(Solution) Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/0 192.168.20.1 255.255.255.0 N/A G0/1 192.168.10.1 255.255.255.0 N/A S1 VLAN 10 192.168.10.11
More informationConfiguration Guide Cisco UCS Express Local Management Platform
Configuration Guide Cisco UCS Express Local Management Platform Written for LMS 4.4 and SRE- V Software Version: 1.5.1 August 2011 Table of Contents 1. Preface... 1 Audience... 1 Definitions and Conventions...
More informationLab Configuring Per-Interface Inter-VLAN Routing (Instructor Version)
(Instructor Version) Instructor Note: Red font color or Gray highlights indicate text that appears in the instructor copy only. Topology Addressing Table Objectives Device Interface IP Address Subnet Mask
More informationConfiguration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example
Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example Document ID: 113337 Contents Introduction Prerequisites Requirements Components Used Conventions Configuration
More informationLab Configuring Basic Router Settings with IOS CLI (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationLab Configuring IPv4 Static and Default Routes (Solution)
(Solution) Topology Addressing Table Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.0.1 255.255.255.0 N/A S0/0/1 10.1.1.1 255.255.255.252 N/A R3 G0/1 192.168.1.1 255.255.255.0
More informationCisco Configuring Hub and Spoke Frame Relay
Table of Contents Configuring Hub and Spoke Frame Relay...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1 Components Used...1 Configure...1 Network Diagram...2 Configurations...2
More informationConfiguring a Cisco 827 Router to Support PPPoE Clients, Terminating on a Cisco 6400 UAC
Configuring a Cisco 827 Router to Support PPPoE Clients, Terminating on a Cisco 6400 UAC Document ID: 12889 Contents Introduction Before You Begin Conventions Prerequisites Components Used Configure Network
More informationLab - Securing Administrative Access Using AAA and RADIUS
CCNA Security Lab - Securing Administrative Access Using AAA and RADIUS Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet Interfaces. 2015 Cisco and/or its affiliates.
More informationLab Configuring and Verifying Standard IPv4 ACLs Topology
Topology 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 10 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.10.1
More informationLab - Configuring a Switch Management Address
Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway S1 VLAN 1 192.168.1.2 255.255.255.0 N/A PC-A NIC 192.168.1.10 255.255.255.0 N/A Part 1: Configure a Basic Network
More informationTable of Contents. Cisco Password Recovery Procedure for the Cisco 2000, 2500, 3000, 4000, AccessPro, 7000 (RP), AGS, IGS, STS
ry Procedure for the Cisco 2000, 2500, 3000, 4000, AccessPro, , IGS, STS Table of Contents Password Recovery Procedure for the Cisco 2000, 2500, 3000, 4000, AccessPro, 7000 (RP), AGS, IGS, STS 10x...1
More informationPrerequisites for Controlling Switch Access with Terminal Access Controller Access Control System Plus (TACACS+)
Finding Feature Information, page 1 Prerequisites for Controlling Switch Access with Terminal Access Controller Access Control System Plus (TACACS+), page 1 Information About TACACS+, page 3 How to Configure
More informationConfiguring Secure Shell (SSH)
Prerequisites for Configuring Secure Shell, page 1 Restrictions for Configuring Secure Shell, page 2 Information About Configuring Secure Shell, page 2 How to Configure Secure Shell, page 4 Monitoring
More informationConfiguring Authentication Proxy
The Cisco IOS Firewall Authentication Proxy feature provides dynamic, per-user authentication and authorization, authenticating users against industry standard TACACS+ and RADIUS authentication protocols.
More informationNo Service Password-Recovery
No Service Password-Recovery Last Updated: January 18, 2012 The No Service Password-Recovery feature is a security enhancement that prevents anyone with console access from accessing the router configuration
More informationUsing the Management Interfaces
The following management interfaces are provided for external users and applications: Gigabit Ethernet Management Interface, page 1 SNMP, page 7 Gigabit Ethernet Management Interface Gigabit Ethernet Management
More informationCisco Network Academy CCNA 1 Introduction to Networks
Cisco Network Academy CCNA 1 Introduction to Networks Packet Tracer Practice with Dans Sample http://www.danscourses.com/ In this lab, you will learn how to configure the following tasks: IPv4 Addressing
More informationUsing NAT in Overlapping Networks
Using NAT in Overlapping Networks Document ID: 13774 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify Troubleshoot Related Information
More informationIOS Router : Easy VPN (EzVPN) in Network Extension Mode (NEM) with Split tunnelling Configuration Example
IOS Router : Easy VPN (EzVPN) in Network Extension Mode (NEM) with Split tunnelling Configuration Example Document ID: 63098 Contents Introduction Prerequisites Requirements Components Used Conventions
More informationTake Assessment - CCNA 607 Certification Practice Exam - CCNA 4 WAN Technologies Version 3.1
Assessment System 1. Assessment Selection 2. Assessment Settings 3. Take Assessment Take Assessment - CCNA 607 Certification Practice Exam - CCNA 4 WAN Technologies Version 3.1 Time Remaining: 16 A network
More informationLab Troubleshooting Basic PPP with Authentication Topology
Topology 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 8 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.1.1
More informationLab Introductory Lab 1 Getting Started and Building Start.txt
Lab 1.5.1 Introductory Lab 1 Getting Started and Building Start.txt Objective This lab will introduce to the student the CCNP lab equipment and certain IOS features that might be new. This introductory
More informationAntonio Cianfrani. Packet Tracer
Antonio Cianfrani Packet Tracer Packet Tracer (1/2) Packet Tracer? Cisco Packet Tracer is a software able to emulate CISCO networking devices. Packet Tracer features: Allows to create network topologies
More informationModule 9, Assignment 7
Module 9, Assignment 7 7.2.3 Control Router via Console (in Packet Tracer) 1. Prepare a Cisco 1841 Router (see figure 6-9). 2. Prepare a PC for administration. 3. Prepare a console cable and plug the serial
More informationLab Configuring Dynamic and Static NAT (Solution)
(Solution) Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway Gateway G0/1 192.168.1.1 255.255.255.0 N/A S0/0/1 209.165.201.18 255.255.255.252 N/A ISP S0/0/0 (DCE)
More informationAAA Authorization and Authentication Cache
AAA Authorization and Authentication Cache First Published: March 16, 2006 Last Updated: March 1, 2006 The AAA Authorization and Authentication Cache feature allows you to cache authorization and authentication
More informationHochschule Bremen Networking Lab
Hochschule Bremen Networking Lab User Manual Welcome to the Hochschule Bremen networking lab. This manual will give you a brief introduction on how to use the PCs and networking hardware in the lab. The
More informationConfiguring Authorization
The AAA authorization feature is used to determine what a user can and cannot do. When AAA authorization is enabled, the network access server uses information retrieved from the user s profile, which
More informationThree interface Router without NAT Cisco IOS Firewall Configuration
Three interface Router without NAT Cisco IOS Firewall Configuration Document ID: 13893 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations
More informationLab Troubleshooting IPv4 and IPv6 Static Routes (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationUnderstanding and Troubleshooting Idle Timeouts
Understanding and Troubleshooting Idle Timeouts Document ID: 23423 Contents Introduction Prerequisites Requirements Components Used Conventions Common Problems and Symptoms Idle Timeouts Interesting Traffic
More informationSecure ACS Database Replication Configuration Example
Secure ACS Database Replication Configuration Example Document ID: 71320 Introduction Prerequisites Requirements Components Used Related Products Conventions Background Information Scenario I Scenario
More informationLab Securing Network Devices
Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.1.1 255.255.255.0 N/A S1 VLAN 1 192.168.1.11 255.255.255.0 192.168.1.1 PC-A NIC 192.168.1.3
More informationLab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationCisco Router Security: Principles and Practise. The foundation of network security is router security.
The foundation of network security is router security. 1) Router security within a general IT security plan, IOS software and standard access. 2) Password security and authentication. 3) Services, applications
More informationConfiguring Modem Transport Support for VoIP
Configuring Modem Transport Support for VoIP This chapter explains how to configure modem transport support for Voice over IP (VoIP) and contains the following sections: Modem Transport Support Overview,
More informationConfiguring Layer 2 Tunneling Protocol (L2TP) over IPSec
Configuring Layer 2 Tunneling Protocol (L2TP) over IPSec Document ID: 14122 Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify Troubleshoot
More informationConfiguring Authentication Proxy
Configuring Authentication Proxy Last Updated: January 18, 2012 The Cisco IOS Firewall Authentication Proxy feature provides dynamic, per-user authentication and authorization, authenticating users against
More information